On 9/17/20 12:49 PM, John-Mark Gurney wrote:
Ian Lepore wrote this message on Thu, Sep 17, 2020 at 09:01 -0600:
On Thu, 2020-09-17 at 18:43 +0400, Gleb Popov wrote:
On Thu, Sep 17, 2020 at 6:05 PM Cy Schubert <
cy.schub...@cschubert.com>
wrote:
I've been advocating removing FTP (and HTTP) from libfetch as well.
People
should be using HTTPS only.
Isn't this a bit too much? I often find myself in need to download
something starting with "http://"; or "ftp://"; and use fetch for this.
Indeed, we have products which rely on this ability in libfetch and we
have to keep supporting them for many many years to come.
I hate it when someone imperiously declares [For security reasons]
"People should/shouldn't be using ______". You have no idea what the
context is, and thus no ability to declare what should or shouldn't be
used in that context. For example, two embedded systems talking to
each other over a point to point link within a sealed device are not
concerned about man in the middle attacks or other modern internet
threats.
And I really dislike when people want to make sure that their unique
case that less than a percent of people would every hit blocks the
security improvements for the majority of people...
I've given up on a number of security improvements in FreeBSD because
of this attitude...
while i tend to agree with you here - i would say that in this case
there is a very large use case where preservation of http is very
important to a wide base of users:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
https://cloud.google.com/compute/docs/storing-retrieving-metadata
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/instance-metadata-service
regarding the main topic tho - dropping ftpd from base seems like a good
iteration in clearing out cruft from the code base so we can focus on
things with much larger user bases. fortunately we have an excellent
ports/pkg infrastructure to service this need if it arises.
-pete
--
Pete Wright
p...@nomadlogic.org
@nomadlogicLA
_______________________________________________
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
